Common Types of Fraud and Scams
... and Tips to Protect Yourself

Below are some of the more common (and harmful) types of fraud and scams. For more details on these and other scams, check out our additional resources and learn how to safeguard against thievery of all kinds.

Identity theft

Identity theft is the fraudulent use of another person's name, Social Security number, birth date, financial account number, or other identifying information to create new accounts, apply for credit or commit other types of fraud. Criminals will use an address different than yours to prevent you from finding out about unauthorized accounts. You may not find out you are a victim until a year or more after the crime has been committed. Thieves may capture your information through a number of methods including tricking you into giving it to them through techniques such as phishing (see below); searching through trash for paperwork with personal information on it (also known as dumpster diving); and taking mail such as pre-approved credit card offers, bills, account statements, and checks out of your mailbox.

Tips to protect yourself from identity theft

Try not to carry your Social Security card on you. Use a random number instead of your Social Security number on your driver's license. Don't have your Social Security number pre-printed on your checks.

Mail bills, credit card applications, and anything with your personal or financial information from the post office or a locked mail box, and if you order checks for your account, request to pick them up from your financial institution; thieves may steal mail from your home and use the information to create new accounts.

Don't give your personal or financial information to someone you don't know, no matter what the situation or how urgent it seems.

Protect your personal information. When asked for your Social Security number, ask how it will be used, how it will be protected from ID theft, and whether another number will do.

Shred documents that contain personal identifying information before tossing them in the trash; cross-cut shredding papers, versus strip-cut shredding, creates confetti-like pieces that are very difficult for thieves to reassemble.

Check your account statements for errors as soon as they arrive. If there is an error, or if your statements don't arrive on time, contact the financial institution or company. Criminals may have changed the address on your account to hide fraudulent activity.

Check your credit report every year for errors and unauthorized accounts. Go to AnnualCreditReport.com to request a free credit report from each of the major credit reporting agencies - Experian, Equifax, and TransUnion. Stagger your requests. For example, get one free report from Experian, in four months get a free report from TransUnion, and in another four months get a free report from Equifax.

Phishing

Phishing scams generally come in the form of an email supposedly from a company (such as a financial institution, bill pay provider or shopping service) with which you may or may not do business. The email message is urgent and requests that you update your account information because of system requirements, to avoid your account being closed, or because of possible fraud on your account. These messages appear authentic and usually include the real company's logo, slogan, and what appears to be its website, where the email message asks that you enter your information. These sites may even be secure, giving you a false sense of confidence.

So how do you know whether the email is real or phony? Simple - no reputable company would ask customers to verify account information online. Also, these messages are sent in bulk as spam and use the names of large, well-known companies, taking a chance that you are a customer of that company; if you are not, that should be your first clue to delete the message. Another clue is that phishing emails often, though not always, contain poor spelling and grammar.

A new similar scam called SMiShing (phishing via SMS or short message service) is sent by text message on mobile phones. In a recent case, the fraudster sends a false text message thanking the recipient for subscribing to a dating service. Potential victims are told that a subscription fee of $2 a day will be automatically charged to their cellphone bills until the subscription is canceled at the online site. If recipients visit the infected site to cancel the subscription, they're redirected to a screen that prompts them to enter their cell phone number, and they're asked whether they want to run a program that supposedly removes their subscription from the dating service. This "program" is actually malware that infects victims' computers and allows hackers remote access.

Tips to protect yourself from phishing

Never click on a link in an email if there is a possibility it is fraudulent. Even without entering personal information on the site, clicking on the link - even to unsubscribe - could install a virus or spyware on your computer and retrieve personal information without your knowledge.

Never provide your personal or financial information via email or an unsecured Web page, even if it is to a person or company you know.

Keep your computer updated with the most current virus protection software and pop-up blockers.

If you go online to shop or conduct financial transactions, be sure to access the site by typing in the address manually.

Before you begin a financial or personal transaction online, be sure the site's URL begins with "https" and look for the locked icon in the lower right-hand corner of the browser window. (It's not enough for a lock to be displayed on the Web page.)

Don't be intimidated by urgent email messages warning of the consequences of not following its instructions.

If you feel that the email is legitimate, contact the sender using a Web address or phone number that you know is valid, perhaps from a statement you've received.

If you are a victim of a phishing scam, contact the company whose name was on the message using a known phone number, place alerts on your credit files, and monitor your account statements closely.

Arsenal Credit Union does not solicit personal information via email. If you receive any suspicious contact by email claiming to be from ACU, contact us at 314.962.6363 or 618.239.6363 (toll-free 1.800.719.6363). Please also forward the email to us at arsenalcu@arsenalcu.org. This will help us protect you and other members against fraud.

Vishing

Vishing mimics phishing by trying to trap you into divulging your account numbers. But instead of being phished in an email message, you may receive a telephone call from an automated random dialer, and the voice on the other end of the line may tell you your credit card has been used illegally. You're then asked to dial a fake 1-800 number with another voice that asks you to confirm your account details and credit card number.

All this is possible because of Voice over Internet Protocol (VoIP), the new technology that makes inexpensive and anonymous Internet calling possible. While there are legitimate reasons to disguise a phone number on caller ID, consumers now have a more difficult time determining fraud from valid contact. The most important thing to remember, however, is to never give any personal or financial information over the phone if you didn't initiate contact.

Tips to protect yourself from vishing

If you get a phone call and someone asks you to give or confirm credit card or personal information, hang up. Then call your credit union or the financial institution that issued the card by using the phone number on the back of the card or on your statement and report the attempt.

If you get a call from someone who claims to be from a financial institution you do business with and who knows your credit card account number but wants the three-digit code on the back of the card, immediately hang up.

If you get an email message asking you to call a toll-free number to verify account information, delete the email. Never provide personal information or account information based on an email request.

Don't be fooled by the fact that the caller's phone number appears to be a regional telephone number; it could have been spoofed using Voice over Internet Protocol.

Be suspicious of any phone or email contact that doesn't use your first name or surname.

Never dial a call return number - or reply to an email - regarding any financial matter.

Pharming

Unlike phishing, which uses email spam to deliver fake messages, pharming operates through fake websites. It automatically directs computer users from a legitimate website to a fraudulent copy of that site with no warning signs. Once a victim is transferred to the fake site and logs in to his or her account, it collects passwords, credit card numbers, and other private information for the purpose of committing identity theft. Phishing requires a response from the victim but pharming does not.

Tips to protect yourself from pharming

Online users are urged to watch for uncommon log-in processes that don't look the same as on the legitimate site. Some fraudulent sites will ask users for information such as a Social Security number, not normally required.

ATM fraud

Even if no one is peering over your shoulder, there are several ways thieves may try to take your money - and identity - while you're at the ATM.

Skimming is a method that generally involves criminals tampering with the card reader. Your card may seem jammed when you insert it into the ATM, and someone may walk up and suggest that you re-enter your personal identification number (PIN). When that doesn't work, you may give up and leave, but that person - the thief - can retrieve your card along with the device he or she placed on the machine. The thief can use your card to withdraw money (since he/she watched you enter your PIN). Or, the thief may watch you enter your PIN via a camera a distance from, or even attached to, the ATM.

Sometimes, your transaction may proceed uninterrupted, but a skimmer attached to the card reader captures the information on your card, or a fake PIN pad or covering of the existing pad allows the thief to steal your PIN. While you'll get your card back, the thief can use the information from your card to replicate the card and withdraw cash. If it's a debit card, he or she can even make signature-based purchases at most retail locations with the counterfeit card.

In another situation, the thief may be able to intercept your cash at the end of the transaction by adding a false front on the cash dispenser, which traps the bills inside. It may seem that the machine is malfunctioning, but once you leave, the thief will claim your cash.

Tips to protect yourself from ATM fraud

The best way you can protect yourself is to be alert. If an ATM looks different or as if it has been tampered with, do not use it. If you see anyone standing near the ATM or watching the machine from a distance, leave and find another machine.

Lottery scams

You may get a letter in the mail or an email congratulating you on winning a lottery when in all likelihood it's an attempt by con artists to swindle you out of some money. The lotteries claim to be held in Canada, Australia, Europe, Spain, Britain, and even America, but any place is possible. If the announcement comes in the form of a letter, a check will usually accompany it. Recipients are told to contact their "agent" or "claims attorney" within a very short period of time to get the necessary authorization or to activate their account before cashing the check. Further instructions are then given on how to claim their prize money. Those who make the call are typically asked to deposit the check and send the money by wire transfer immediately to the so-called lottery company in order to receive the remainder of their winnings.

While the checks may look legitimate, they prove to be counterfeit - the issuing bank, routing number and/or account number aren't valid. The victims end up having to repay their financial institution the thousands of dollars they withdrew against the bad check. Just because you can withdraw the money from the financial institution does not mean the check is good, even if it is a cashier's check.

This scam may also be done over the phone. In this scenario, the caller reports that a courier in your area is ready to deliver the prize but claims that the laws are different in his/her country and taxes must be paid upfront; you need to wire money in order to claim your prize. However, there is no reason for someone who is giving you money to ask you to wire money back, and if it's a real sweepstakes or lottery, you'll pay taxes directly to the IRS.

Examples:

Nigerian scams

While the scenarios differ, Nigerian scams usually come in the form of a letter or email from someone with millions of dollars to hide. The letter may claim to be from a prince or government official in a foreign country, not necessarily Nigeria (though that's usually where the scam artists are located), who needs to hide the money because his/her country is in turmoil. The letter asks for your trust and offers you a portion of the money for your trouble.

Once you accept to "help," he or she will ask for money, which may be deposited in escrow or taken from your account, to cover the expense of transferring the money, or merely as a "good faith" deposit. If you take the bait, they will continue to ask for more money to overcome various obstacles and may even try to lure you to Nigeria.

Advance-fee loan scams

Advance-fee loans guarantee consumers loans - regardless of credit - for a fee, which must be paid upfront. However, even after paying the fee, the consumer never receives the loan. These loans are advertised in newspapers and magazines, through the mail, and on TV and radio stations, and often ask you to call a 900 number, which will also cost you money.

According to the FTC, legitimate lenders rarely guarantee credit before evaluating a consumer's creditworthiness. Some may require consumers to pay application, appraisal or credit report fees, but these fees are never required before the lender is identified and the application is completed. Plus, any fees would be paid to the lender, not the broker.

Credit card fraud

While theft of a purse or wallet is a big red flag for credit card fraud, it is important to note that thieves do not need possession of your card in order to use it; they can simply use your card number to make purchases over the phone or online. They can get this information in a variety of ways: looking through trash to find receipts or statements with your credit card number on it (also known as dumpster diving); luring you to give them your credit card information through the mail, over the phone or online; or capturing the information after you've used the card, either at the store or through the credit card processor.

Tips to protect yourself from credit card (and debit card) fraud

Although you may not be able to keep hackers or dishonest employees out of your credit card processor's office, you can take simple defensive measures to keep thieves from stealing your credit card information from the garbage. (Note: Because debit cards can be used at many of the same places you can use a credit card, these tips apply to both.)

Make sure your credit card company has your current phone number so it can contact you if it sees suspicious charges on your card.

Don't use a debit card for online purchases. Unlike credit cards, most debit cards don't have a limited fraud liability.

Don't authorize payments or give out personal information over the phone unless you call a specific creditor and know its reputation.

Review your credit card and checking account statements regularly. Many thieves will "test out" a card by charging small amounts, such as at a gas station.

Notify your card issuer if a monthly statement fails to arrive in the mail. Criminals may have changed the address on your account to hide fraudulent activity.

Check your account statements for errors as soon as they arrive. If there is an error, contact the financial institution as soon as possible.

Shred pre-approved credit card offers, statements, and bills that contain account numbers or other personal information before throwing them away.

Keep a record of your account numbers, card expiration dates, and the card issuers' phone numbers in a safe place - but not in your wallet.

Be careful about using your credit card at Internet cafes or anywhere with a wireless connection.

Check your credit report every year for errors and unauthorized accounts. Go to www.annualcreditreport.com to request a free credit report from each of the major credit reporting agencies - Experian, Equifax, and TransUnion. Stagger your requests. For example, get one free report from Experian, in four months get a free report from TransUnion, and in another four months get a free report from Equifax.

Charity scams

Thieves may use charities as a front to prey on consumers' sympathies and scam them out of money. They may claim to be collecting money due to a recent tragedy (i.e. hurricanes, a tsunami, or terrorist attacks) and may claim to be from an existing or fictional organization or they may claim to be a victim of such recent events.

In Missouri, official organizations must register with the Missouri Attorney General's Office (www.ago.mo.gov) and state how much of their proceeds go to the charitable cause.

Also, emails that claim money will go to a specified charity each time the message is forwarded are not true.